1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
|
-- *****************************************************************************
-- Juniper-TACACS-Plus-Client-MIB
--
-- Juniper Networks Enterprise MIB
-- TACACS+ Client MIB
--
-- Copyright (c) 2002, 2004 Juniper Networks, Inc. All Rights Reserved.
-- *****************************************************************************
Juniper-TACACS-Plus-Client-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32, IpAddress
FROM SNMPv2-SMI
TEXTUAL-CONVENTION, RowStatus, TruthValue, TimeStamp
FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF
juniMibs
FROM Juniper-MIBs;
juniTacacsPlusClientMIB MODULE-IDENTITY
LAST-UPDATED "200403021731Z" -- 02-Mar-04 12:31 PM EST
ORGANIZATION "Juniper Networks, Inc."
CONTACT-INFO
" Juniper Networks, Inc.
Postal: 10 Technology Park Drive
Westford, MA 01886-3146
USA
Tel: +1 978 589 5800
Email: mib@Juniper.net"
DESCRIPTION
"The Terminal Access Controller Access Control System Plus (TACACS+)
Client MIB for the Juniper Networks enterprise."
-- Revision History
REVISION "200403021731Z" -- 02-Mar-04 12:31 PM EST - JUNOSe 5.3
DESCRIPTION
"Added juniTacacsPlusClientHostOrder to
juniTacacsPlusClientHostConfigTable."
REVISION "200209162144Z" -- 16-Sep-02 05:44 PM EDT - JUNOSe 5.0
DESCRIPTION
"Replaced Unisphere names with Juniper names."
REVISION "200207121349Z" -- 12-Jul-02 09:49 AM EDT - JUNOSe 4.1
DESCRIPTION
"Initial version of this MIB module."
::= { juniMibs 60 }
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Textual conventions
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
JuniKeyString ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"A string to keep a TACACS+ key. It may contain TAB character and/or
any character from 0x20 to 0x7e inclusive. Its lenght is limited to
100. For security reasons it always reads as an empty string."
SYNTAX OCTET STRING (SIZE(0..100))
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Managed objects
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
juniTacacsPlusClientObjects OBJECT IDENTIFIER
::= { juniTacacsPlusClientMIB 1 }
juniTacacsPlusClientCommonConfig OBJECT IDENTIFIER
::= { juniTacacsPlusClientObjects 1 }
juniTacacsPlusClientHostConfig OBJECT IDENTIFIER
::= { juniTacacsPlusClientObjects 2 }
juniTacacsPlusClientHostStats OBJECT IDENTIFIER
::= { juniTacacsPlusClientObjects 3 }
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Common parameters shared by all hosts
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
juniTacacsPlusClientDirectedRequest OBJECT-TYPE
SYNTAX INTEGER {
notRestrictedAndTruncated(1),
disabled(2),
notRestrictedAndNotTruncated(3),
restrictedAndTruncated(4),
restrictedAndNotTruncated(5) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents directed-request option setting. In any of the
enabled enabled states user name entered as `user@host' will be sent to
specified host fot authentication. If `restricted' is in effect and the
specified host is not available client would not try to use other hosts,
if `truncated' is in effect, then `@host' part will be stripped before
submission for authentication."
::= { juniTacacsPlusClientCommonConfig 1 }
juniTacacsPlusClientTimeout OBJECT-TYPE
SYNTAX INTEGER (0..255)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"TACACS+ host response timeout in seconds. Value 0 means 'not
configured, it this case built-in internal timeout value will be used."
::= { juniTacacsPlusClientCommonConfig 2 }
juniTacacsPlusClientKey OBJECT-TYPE
SYNTAX JuniKeyString
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If the size is non-zero, packets passed between host and client will be
encrypted."
::= { juniTacacsPlusClientCommonConfig 3 }
juniTacacsPlusClientSourceIp OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If the value is is not 0.0.0.0 client will use this address as a source
IP address for communication with servers. Changing this value would
not affect existing connections."
::= { juniTacacsPlusClientCommonConfig 4 }
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Per host parameters
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
juniTacacsPlusClientHostConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF JuniTacacsPlusClientHostConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains per host configuration parameters."
::= { juniTacacsPlusClientHostConfig 1 }
juniTacacsPlusClientHostConfigEntry OBJECT-TYPE
SYNTAX JuniTacacsPlusClientHostConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A TACACS+ host statistics table entry."
INDEX { juniTacacsPlusClientHostAddr }
::= { juniTacacsPlusClientHostConfigTable 1 }
JuniTacacsPlusClientHostConfigEntry ::= SEQUENCE {
juniTacacsPlusClientHostAddr IpAddress,
juniTacacsPlusClientHostPort INTEGER,
juniTacacsPlusClientHostPrimary TruthValue,
juniTacacsPlusClientHostSingleConnection TruthValue,
juniTacacsPlusClientHostTimeout INTEGER,
juniTacacsPlusClientHostKey JuniKeyString,
juniTacacsPlusClientHostStatus RowStatus,
juniTacacsPlusClientHostOrder INTEGER }
juniTacacsPlusClientHostAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IP address of the host."
::= { juniTacacsPlusClientHostConfigEntry 1 }
juniTacacsPlusClientHostPort OBJECT-TYPE
SYNTAX INTEGER (1..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The TCP port of the host."
DEFVAL { 49 }
::= { juniTacacsPlusClientHostConfigEntry 2 }
juniTacacsPlusClientHostPrimary OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Non-directed requests are submitted to the primary host first. There
is only one primary host in the table. So, setting this object to true,
will also change the value of this object in the current primary host.
If primary host is deleted or reset, system will assing new primary
host. When the first entry is created it becomes primary regardless of
the value of this object."
DEFVAL { false }
::= { juniTacacsPlusClientHostConfigEntry 3 }
juniTacacsPlusClientHostSingleConnection OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Traditionally TACACS+ client creates a new TCP connection for every
session. If this value is true then TACACS+ client will try to use
single connection if supported both by client implementation and by the
host."
DEFVAL { false }
::= { juniTacacsPlusClientHostConfigEntry 4 }
juniTacacsPlusClientHostTimeout OBJECT-TYPE
SYNTAX INTEGER (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"TACACS+ host response timeout in seconds. If the value is 0 then the
value of juniTacacsPlusClientTimeout will be used instead."
::= { juniTacacsPlusClientHostConfigEntry 5 }
juniTacacsPlusClientHostKey OBJECT-TYPE
SYNTAX JuniKeyString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"If size is non-zero, packets passed between host and client will be
encrypted with the key, otherwise the value of juniTacacsPlusClientKey
will be used for the purpose."
DEFVAL { "" }
::= { juniTacacsPlusClientHostConfigEntry 6 }
juniTacacsPlusClientHostStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Status object, only `createAndGo' and 'destroy' are supported."
::= { juniTacacsPlusClientHostConfigEntry 7 }
juniTacacsPlusClientHostOrder OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The search order of this TACACS+ host within all configured
TACACS+ hosts. This MIB object indicates the order in which a
TACACS+ request will be sent to the TACACS+ hosts until a response
is received. The primary host is always the first host to be
contacted. The remaining hosts will be contacted in the order
that they were created. Should the primary host be deleted,
the next host in the search order will become the primary host."
::= { juniTacacsPlusClientHostConfigEntry 8 }
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Host statistics
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
juniTacacsPlusClientHostStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF JuniTacacsPlusClientHostStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains per host statistics."
::= { juniTacacsPlusClientHostStats 1 }
juniTacacsPlusClientHostStatsEntry OBJECT-TYPE
SYNTAX JuniTacacsPlusClientHostStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A TACACS+ host statistics table entry."
AUGMENTS { juniTacacsPlusClientHostConfigEntry }
::= { juniTacacsPlusClientHostStatsTable 1 }
JuniTacacsPlusClientHostStatsEntry ::= SEQUENCE {
juniTacacsPlusClientHostAuthRequests Counter32,
juniTacacsPlusClientHostAuthReplies Counter32,
juniTacacsPlusClientHostAuthPending Counter32,
juniTacacsPlusClientHostAuthTimeouts Counter32,
juniTacacsPlusClientHostAuthorRequests Counter32,
juniTacacsPlusClientHostAuthorReplies Counter32,
juniTacacsPlusClientHostAuthorPending Counter32,
juniTacacsPlusClientHostAuthorTimeouts Counter32,
juniTacacsPlusClientHostAcctRequests Counter32,
juniTacacsPlusClientHostAcctReplies Counter32,
juniTacacsPlusClientHostAcctPending Counter32,
juniTacacsPlusClientHostAcctTimeouts Counter32,
juniTacacsPlusClientHostDiscontinuityTime TimeStamp }
juniTacacsPlusClientHostAuthRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of authentication requests sent to the host."
::= { juniTacacsPlusClientHostStatsEntry 1 }
juniTacacsPlusClientHostAuthReplies OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of authentication replies received from the host."
::= { juniTacacsPlusClientHostStatsEntry 2 }
juniTacacsPlusClientHostAuthPending OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of expected but not received authentication replies from the
host."
::= { juniTacacsPlusClientHostStatsEntry 3 }
juniTacacsPlusClientHostAuthTimeouts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of authentication timeouts for the host."
::= { juniTacacsPlusClientHostStatsEntry 4 }
juniTacacsPlusClientHostAuthorRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of authorization requests sent to the host."
::= { juniTacacsPlusClientHostStatsEntry 5 }
juniTacacsPlusClientHostAuthorReplies OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of authorization replies received from the host."
::= { juniTacacsPlusClientHostStatsEntry 6 }
juniTacacsPlusClientHostAuthorPending OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of expected but not received authorization replies from the
host."
::= { juniTacacsPlusClientHostStatsEntry 7 }
juniTacacsPlusClientHostAuthorTimeouts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of authorization timeouts for the host."
::= { juniTacacsPlusClientHostStatsEntry 8 }
juniTacacsPlusClientHostAcctRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of accounting requests sent to the host."
::= { juniTacacsPlusClientHostStatsEntry 9 }
juniTacacsPlusClientHostAcctReplies OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of accounting replies received from the host."
::= { juniTacacsPlusClientHostStatsEntry 10 }
juniTacacsPlusClientHostAcctPending OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of expected but not received accounting replies from the host."
::= { juniTacacsPlusClientHostStatsEntry 11 }
juniTacacsPlusClientHostAcctTimeouts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number of accounting timeouts for the host."
::= { juniTacacsPlusClientHostStatsEntry 12 }
juniTacacsPlusClientHostDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when corresponding juniTacacsPlusHostConfigEntry
was created, this object containg zero if host entry was created during
system initializatin."
::= { juniTacacsPlusClientHostStatsEntry 13 }
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Conformance information
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
juniTacacsPlusClientConformance OBJECT IDENTIFIER
::= { juniTacacsPlusClientMIB 2 }
juniTacacsPlusClientCompliances OBJECT IDENTIFIER
::= { juniTacacsPlusClientConformance 1 }
juniTacacsPlusClientGroups OBJECT IDENTIFIER
::= { juniTacacsPlusClientConformance 2 }
juniTacacsPlusCompliance MODULE-COMPLIANCE
STATUS obsolete
DESCRIPTION
"Obsolete compliance statement for entities which implement the Juniper
TACACS+ Client MIB."
MODULE -- this module
MANDATORY-GROUPS {
juniTacacsPlusClientCommonGroup,
juniTacacsPlusClientHostConfigGroup,
juniTacacsPlusClientHostStatsGroup }
::= { juniTacacsPlusClientCompliances 1 } -- JUNOSe 4.1
juniTacacsPlusCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for entities which implement the Juniper
TACACS+ Client MIB."
MODULE -- this module
MANDATORY-GROUPS {
juniTacacsPlusClientCommonGroup,
juniTacacsPlusClientHostConfigGroup2,
juniTacacsPlusClientHostStatsGroup }
::= { juniTacacsPlusClientCompliances 2 } -- JUNOSe 5.3
--
-- units of conformance
--
juniTacacsPlusClientCommonGroup OBJECT-GROUP
OBJECTS {
juniTacacsPlusClientDirectedRequest,
juniTacacsPlusClientTimeout,
juniTacacsPlusClientKey,
juniTacacsPlusClientSourceIp }
STATUS current
DESCRIPTION
"This group defines common configuration parameters for all hosts."
::= { juniTacacsPlusClientGroups 1 }
juniTacacsPlusClientHostConfigGroup OBJECT-GROUP
OBJECTS {
juniTacacsPlusClientHostPort,
juniTacacsPlusClientHostPrimary,
juniTacacsPlusClientHostSingleConnection,
juniTacacsPlusClientHostTimeout,
juniTacacsPlusClientHostKey,
juniTacacsPlusClientHostStatus }
STATUS obsolete
DESCRIPTION
"Obsolete group for defining per host configuration parameters."
::= { juniTacacsPlusClientGroups 2 }
juniTacacsPlusClientHostStatsGroup OBJECT-GROUP
OBJECTS {
juniTacacsPlusClientHostAuthRequests,
juniTacacsPlusClientHostAuthReplies,
juniTacacsPlusClientHostAuthPending,
juniTacacsPlusClientHostAuthTimeouts,
juniTacacsPlusClientHostAuthorRequests,
juniTacacsPlusClientHostAuthorReplies,
juniTacacsPlusClientHostAuthorPending,
juniTacacsPlusClientHostAuthorTimeouts,
juniTacacsPlusClientHostAcctRequests,
juniTacacsPlusClientHostAcctReplies,
juniTacacsPlusClientHostAcctPending,
juniTacacsPlusClientHostAcctTimeouts,
juniTacacsPlusClientHostDiscontinuityTime }
STATUS current
DESCRIPTION
"This group defines statistics collected on per host basis."
::= { juniTacacsPlusClientGroups 3 }
juniTacacsPlusClientHostConfigGroup2 OBJECT-GROUP
OBJECTS {
juniTacacsPlusClientHostPort,
juniTacacsPlusClientHostPrimary,
juniTacacsPlusClientHostSingleConnection,
juniTacacsPlusClientHostTimeout,
juniTacacsPlusClientHostKey,
juniTacacsPlusClientHostStatus,
juniTacacsPlusClientHostOrder }
STATUS current
DESCRIPTION
"This group defines per host configuration parameters."
::= { juniTacacsPlusClientGroups 4 }
END
|
